Vulnerabilities > Hayageek

DATE CVE VULNERABILITY TITLE RISK
2022-02-25 CVE-2021-37504 Cross-site Scripting vulnerability in Hayageek Jquery Upload File 4.0.11
A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name.
network
low complexity
hayageek CWE-79
6.1
6.1
2018-11-19 CVE-2018-9207 Unrestricted Upload of File with Dangerous Type vulnerability in Hayageek Jquery Upload File
Arbitrary file upload in jQuery Upload File <= 4.0.2
network
low complexity
hayageek CWE-434
critical
 9.8
9.8